> One is in the HTTP(S) header, which can indeed be stripped by privoxy.
HTTPS cannot be terminated, stripped and re-encapsulated by privoxy. It passes straight through. I still offer a gold doubloon to anyone who knows of a good unix TLS proxy/munger. One can dream. > tor handles a .nickname.exit passed to it in a unique way Nicknames are not unique. People should be specifying fingerprints instead. ie: fingerprint.exit > technicalities of SOCKS proxies... certain that .exit notation caused errors > from destination servers... it's not a new problem. It's not a socks issue. Until a TLS proxy is available, the most direct 'fix' would be a browser plugin that strips it off the host header when it is seen in the URL... before the browser does ssl on it. The two results would then get stuffed through socks as usual. > Of course some servers aren't running virtual hosts and so don't care about > the "Host: example.com.nickname.exit" header That's why, failing enhancement of MAPADDRESS, keeping .exit around would be handy for clued people... ssh [example.com|10.0.0.69].fingerprint.exit... is much simpler than managing a MAP. Yet unclued people don't know exit can bite them in URLbars, so they complain, so there is desire to kill URLbars to kill complaints from the unclued. Not to mention it isn't a fully capable method to begin with. > Perhaps one of the developers could weigh in on whether Tor itself should be > modifying the Host header It should not, Tor only provides passive transport services, and rightly so. I'm not a dev. And the world is going TLS. So if Tor does anything to 'fix' this, it should enhance the MAPADDRESS functionality as proposed earlier. And possibly provide a friendlier human 'domain2exit selection' interface to it via Vidalia or whatever windows people need. > - it may be moot as .exit notation is deprecated now It is deprecated in your URLbar. But not in the MAPADDRESS function. Exit MAPADDRESSing is still needed given the world's penchant for screwing up how their own services work based on where you're coming from. *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
